Business continuity is defined as " the ability of an organization to maintain its operations and services in the face of a disruptive event." The event could be as basic as an electrical outage or as catastrophic as a category 5 hurricane. When business is disrupted, it can cost money. Lost revenues plus extra expenses means reduced profits. Insurance does not cover all costs and cannot replace customers that defect to the competition. A business continuity plan to continue business is essential. Development of a business continuity plan includes four steps:
- Conduct a business impact analysis to identify time-sensitive or critical business functions and processes and the resources that support them.
- Identify, document, and implement to recover critical business functions and processes.
- Organize a business continuity team and compile a business continuity plan to manage a business disruption.
- Conduct training for the business continuity team and testing and exercises to evaluate recovery strategies and the plan.
Define environmental controls-
As the saying goes, "An ounce of prevention is worth a pound of cure!" Its better to take steps that avoid disruptions rather then trying to recover from them. Preventing disruptions through environmental controls involves using fire suppression, proper shielding, and configuration of HVAC systems.
Describe the components of redundancy planning-
- Redundancy planning is crucial part of business continuity. It involves building excess capacity (or redundancy) for your network and computer systems, to protect them against failure. Redundancy planning ultimately ensures the availability of your network infrastructure, including servers, storage, networks, power, and even sites.
List disaster recovery procedures-
The disaster recovery procedures every enterprise should incorporate includes the guidelines and procedures to be followed to effectively respond to and recover from different disaster recovery scenarios. Plan steps that minimize the effects of the disaster and resume mission-critical functions quickly.
- Implement a Disaster Recovery Plan and test its efficiency.
- Identify a Recovery Team and their specific responsibilities.
- Identify what steps to take in advance of an event, and during the event.
- Identify Recovery procedures
Describe incident response procedures-
Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. An incident response plan includes a policy that defines, in specific terms, what constitutes an incident and provides a step-by-step process that should be followed when an incident occurs.
- Secure the crime scene
- Preserve the evidence
- Establish a chain of custody
- Examine the evidence
http://www.ready.gov/business/implementation/continuity
http://dtechghana.com/security/business-continuity/redundancy-planning/
http://searchsecurity.techtarget.com/definition/incident-response
No comments:
Post a Comment